
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in

The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from

Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M

Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and

Elastic Security Labs exposed OXLOADER and CastleStealer — two new Russian-linked malware families spread via fake Google Ads targeting software

ShinyHunters claimed 2.2 million stolen Kodak records and set a publication deadline; Kodak confirmed a breach and engaged external cybersecurity

Symantec found that DragonForce ransomware deployed Backdoor.Turn, a Go implant that hides C2 traffic inside Microsoft Teams TURN relay infrastructure.

Google’s GTIG disclosed UNC6508, a China-nexus group that maintained silent email forwarding inside US medical and military research networks for

North Korean APT37 deployed NarwhalRAT, a new backdoor with encrypted custom C2, via fake Microsoft OTP security alerts targeting South

ESET Research disclosed WIN_DRV, a kernel-mode Windows rootkit linked to China-aligned Earth Lusca — the first confirmed Windows variant of